Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/L17t_x3jL2XUQXvYwC4o8PPPMM4.roa
File: L17t_x3jL2XUQXvYwC4o8PPPMM4.roa (raw, json)
Hash identifier: uon2xb8ho/3ywrAplZOV2cEswoBbgzR3FrTQwYq8aXA=
Subject key identifier: 2F:5E:ED:FF:1D:E3:2F:65:D4:41:7B:D8:C0:2E:28:F0:F3:CF:30:CE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187B1E3B0254587A3CA585D1B2C89DC15AD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/L17t_x3jL2XUQXvYwC4o8PPPMM4.roa
Signing time: Mon 24 Apr 2023 06:11:41 +0000
ROA not before: Mon 24 Apr 2023 06:11:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b1:e3:b0:25:45:87:a3:ca:58:5d:1b:2c:89:dc:15:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 24 06:11:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f5eedff1de32f65d4417bd8c02e28f0f3cf30ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:76:6c:f2:18:61:8d:28:8d:89:00:65:55:e0:
cd:82:19:33:45:44:ed:a7:ef:05:ef:87:c7:8d:ee:
f5:33:45:48:88:37:32:77:4d:fe:3d:02:18:53:2b:
b5:c0:e1:9b:bd:da:dc:89:90:00:4e:cf:89:f0:82:
a2:e8:70:47:a5:44:19:b9:ef:40:cf:7b:c2:9f:a8:
00:fd:56:4b:ef:4b:42:ac:22:65:cd:57:11:c9:0a:
e4:9d:05:fe:a7:0a:15:d2:33:4c:c9:44:bb:7b:5d:
1d:75:ff:be:ab:95:af:98:ac:62:76:d8:1e:9a:48:
b5:41:3f:52:a0:07:b8:d7:e3:12:e2:7f:7a:75:ae:
03:18:38:70:6e:a6:a1:35:cf:ba:dd:b2:18:4a:e4:
a6:77:30:94:d3:06:fc:78:70:d0:df:7e:d2:75:87:
cb:0c:6c:b0:5f:d8:45:5f:c0:f8:55:88:32:0a:87:
35:5f:ca:1c:36:e3:df:9f:dd:6e:70:a9:7f:1f:5c:
fa:c4:fa:91:ef:fa:a8:ce:27:21:57:13:e3:4e:be:
a8:2e:17:79:3b:52:6b:12:27:5c:ba:99:29:7f:5e:
ba:b0:ea:1b:51:20:01:2d:8d:45:2d:5e:63:ef:b7:
1d:de:de:67:53:49:fc:2b:35:d5:11:66:bf:d7:4a:
9e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:5E:ED:FF:1D:E3:2F:65:D4:41:7B:D8:C0:2E:28:F0:F3:CF:30:CE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/L17t_x3jL2XUQXvYwC4o8PPPMM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:d9:f9:c7:7e:31:1d:97:e3:db:6d:d2:ec:89:31:a9:1a:cf:
c7:4c:05:65:42:fb:d6:32:a5:f2:f0:50:35:a9:30:88:f7:92:
86:8f:26:ff:1d:99:f8:e1:16:04:e2:1d:be:57:60:32:56:89:
da:6f:38:a1:e5:bf:95:12:9b:6f:6d:56:d2:9c:63:c0:31:9f:
5b:58:de:e7:1b:c1:f8:ca:e9:35:76:ef:62:7c:50:c8:c3:82:
f1:ea:cb:5e:ab:43:1b:f1:d4:21:27:d2:98:59:f9:c0:72:9c:
fc:a0:6e:75:0e:94:c8:b2:39:40:06:8a:25:8e:98:cf:88:73:
73:b7:0d:cf:0c:86:4b:0e:ca:59:f1:f9:bc:d7:11:ca:7e:c1:
30:68:55:a7:db:65:61:fe:8b:06:40:b8:5b:78:ee:9f:3c:1d:
18:5b:96:e6:21:1f:69:41:4a:ff:9b:a3:14:da:80:7a:56:4e:
b4:18:7e:e9:61:79:9c:37:2a:a1:42:19:5e:8f:20:34:1f:d8:
df:21:13:df:88:a5:16:d2:aa:45:be:35:95:71:0e:c5:1a:16:
12:59:f1:c3:b9:71:c8:8c:66:e0:d3:a3:8e:26:a5:78:a2:59:
f5:f5:0c:99:84:46:de:4f:2e:cc:c5:b3:ca:16:4d:97:18:23:
a9:cb:02:c9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYex47AlRYejylhdGyyJ3BWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDI0MDYxMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjVlZWRmZjFkZTMyZjY1ZDQ0MTdiZDhjMDJlMjhmMGYzY2YzMGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXZs8hhhjSiNiQBlVeDNghkzRUTt
p+8F74fHje71M0VIiDcyd03+PQIYUyu1wOGbvdrciZAATs+J8IKi6HBHpUQZue9A
z3vCn6gA/VZL70tCrCJlzVcRyQrknQX+pwoV0jNMyUS7e10ddf++q5WvmKxidtge
mki1QT9SoAe41+MS4n96da4DGDhwbqahNc+63bIYSuSmdzCU0wb8eHDQ337SdYfL
DGywX9hFX8D4VYgyCoc1X8ocNuPfn91ucKl/H1z6xPqR7/qozichVxPjTr6oLhd5
O1JrEidcupkpf166sOobUSABLY1FLV5j77cd3t5nU0n8KzXVEWa/10qeZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC9e7f8d4y9l1EF72MAuKPDzzzDOMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTDE3dF94M2pMMlhVUVh2WXdDNG84UFBQTU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADfZ+cd+MR2X49tt0uyJ
Makaz8dMBWVC+9YypfLwUDWpMIj3koaPJv8dmfjhFgTiHb5XYDJWidpvOKHlv5US
m29tVtKcY8Axn1tY3ucbwfjK6TV272J8UMjDgvHqy16rQxvx1CEn0phZ+cBynPyg
bnUOlMiyOUAGiiWOmM+Ic3O3Dc8MhksOylnx+bzXEcp+wTBoVafbZWH+iwZAuFt4
7p88HRhbluYhH2lBSv+boxTagHpWTrQYfulheZw3KqFCGV6PIDQf2N8hE9+IpRbS
qkW+NZVxDsUaFhJZ8cO5cciMZuDTo44mpXiiWfX1DJmERt5PLszFs8oWTZcYI6nL
Ask=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:25 2025 by rpki-client